Search the Community

People (who are involved in IT security in first place) read about the open port 32764 in routers from Cisco, Linksys, Netgear and Diamond having strange backdoor access to the configuration files of those routers. Long story short, there is a service listening on this port which accepts a variety of commands such as resetting the router or printing out all kinds of information, even passwords in plain text. Connecting to the router through telnet should return the string "ScMM" or "MMcS" if the service is running (it's for SerComm). It could be smart to check if your Cisco/Linksys/Netgear/Diamond router is listed here. Or use this python script. Or just connect to your router via telnet [your.router.ip] 32764 and see if you get one of the aforementioned strings back. Source #1 Source #2 ---- Update #1 ---- First statements of manufacturers Linksys and Netgear. Both of them allegedly are "going through all possible vulnerabilites" and will publish more information on this after they did some analyzing. Fact is that they didn't even warn the users of those routers... strange, too... Source ---- Update #2 ---- Cisco released a Security Advisory and is working on a fix. There are no workarounds so you have to wait for Cisco's update. ---- Update #3 ---- It's not over!